[security] Open Redirector issue with checkid_immediate
SitG Admin
sysadmin at shadowsinthegarden.com
Tue Jun 9 04:01:56 UTC 2009
>I don't think browser javascript can manipulate the Referrer header.
> So it seems like a reasonable precaution to me to check it.
I've checked it. Looks like there *was* an attack against versions of
Firefox before 2.0.0.10, and the XML HTTP Request object might work
in any case:
http://pseudo-flaw.net/content/web-browsers/firefox-referer-spoofing/
http://jibbering.com/2002/4/httprequest.html
The relevant line of code for that second page is:
xmlhttp.setRequestHeader('Accept','message/x-jl-formresult')
I have not tested this.
-Shade
More information about the security
mailing list